VPN/Direct Connect Access
Scenario
If your local data center or private network cannot access SWR through a public network, you can use Direct Connect or VPN to connect to Huawei Cloud VPC and use a VPC endpoint to access SWR.
This solution applies only to pushing images through SWR. To pull images, you also need to configure a VPC endpoint for accessing OBS using the OBS private address.
Procedure
- Create a VPC. For details, see Creating a VPC.
- Create a Direct Connect connection or VPN so that the data center can connect to the VPC through Direct Connect or VPN.
- Buy a VPC endpoint.
a. Log in to the management console.
b. Click
at the upper left corner and select the desired region and project.c. In the Service List at the upper left corner, choose Networking > VPC Endpoint.
d. On the displayed page, click Buy VPC Endpoint.
e. Configure the parameters as prompted.
f. Click Next.
g. Confirm the order details and click Submit.
- Obtain the private network IP address and domain name for accessing the VPC.
By default, the domain name resolution rule is automatically added to Huawei Cloud VPCs.
You only need to configure hosts for non-Huawei Cloud endpoints.
a. Go to the endpoint list.
b. Locate the purchased endpoint and click the endpoint ID to go to the details page.
c. On the page displayed, you can view the IP address and private network domain name of the endpoint.
Figure 1 Endpoint details page
- Configure hosts of the local data center. The hosts IP address consists of the IP address and private network domain name of the endpoint. Example:
Figure 2 Example hosts
In this section, 172.xx.xx.xx swr.ap-southeast-1.myhuaweicloud.com is only an example. Replace it with the actual IP address and private network domain name.
There are two configuration methods:
- Configuring Hosts for Linux:
- Run the following command to open the /etc/hosts file:
sudo vim /etc/hosts
- Add a custom domain name in the format of xx.xx.xx.xx swr.xx -xx.myhuaweicloud.com.
xx.xx.xx.xx and swr.xx -xx.myhuaweicloud.com indicate the IP address and domain name obtained in Step 4, respectively.
- Run the following command to restart the network.
sudo/etc/init.d/networking restart
- Customizing DNS Hosts:
- Obtain the IP address of the VPC endpoint by referring to 4.
- Configure DNS forwarding rules on the DNS server in the local data center.
The method of configuring DNS forwarding rules varies depending onOSs. For details, see the operation guide of the corresponding DNS software.
This step uses the Linux OS and Bind (common DNS software) as an example.
- Edit the /etc/named.conf file to add a zone.
zone " swr.xx-xx.myhuaweicloud.com " IN { type master; file " /var/named/swr.xx-xx.myhuaweicloud.com.zone"; }; - Configure forward DNS resolution. Create the /var/named/swr.xx-xx.myhuaweicloud.com.zone file corresponding to the file in a.
$TTL 604800 @ IN SOA swr.xx-xx.myhuaweicloud.com. root.localhost. ( 2 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS swr.xx-xx.myhuaweicloud.com. swr.xx-xx.myhuaweicloud.com. IN A xx.xx.xx.xx - Restart the service.
- You can query SWR endpoints in different regions in Regions and Endpoints.
- If no DNS server is available in the local data center, add the endpoint IP address for accessing DNS to the /etc/resolv.conf file of the local data center.
- swr.xx-xx.myhuaweicloud.com indicates the IP address obtained in Step 4.
- Edit the /etc/named.conf file to add a zone.
- Run the following command to verify the configuration and check the output.
ping swr.xx -xx.myhuaweicloud.com
- Use this domain name (swr.xx -xx.myhuaweicloud.com) in the later access to SWR.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
